Description

The University regularly reviews/analyzes information system audit records for indications of inappropriate or unusual activity, investigates suspicious activity or suspected violations, reports findings to appropriate management, and takes necessary actions.

Applicability

  • This Control applies to all Texas A&M University information resources storing or accessing Critical or Confidential data. The intended audience is information resource custodians who are responsible for the installation of new information resources, the operations of existing information resources, and individuals accountable for information resources security.

Implementation

  • 1

    Information resource custodians are responsible for:

    • 1.1

      Reviewing and analyzing information resource audit records for indications of inappropriate or unusual activity;

    • 1.2

      Reporting findings to information resource owner; and

    • 1.3

      Responding to audit events as specified in AU-2, Audit Events.